package com.fordmotor.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;

//@Configuration
//@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    private static final String RESOURCE_LBS = "lbs";
    private static final String RESOURCE_COUNT = "count";

//    @Autowired
//    AuthenticationManager authenticationManager;
//
//    @Autowired
//    RedisConnectionFactory redisConnectionFactory;
//
//    @Autowired
//    private UserDetailsService userDetailsService;
//
//    @Override
//    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
//
//        String finalSecret = "{bcrypt}" + new BCryptPasswordEncoder().encode("123456");
//        //配置两个客户端,一个用于password认证一个用于client认证
//        clients.inMemory()
//
//                //client模式
//                .withClient("client_1")
//                .resourceIds(RESOURCE_LBS+","+RESOURCE_COUNT)
//                .authorizedGrantTypes("client_credentials", "refresh_token")
//                .scopes("select")
//                .authorities("oauth2")
//                .secret(finalSecret)
//
//                .and()
//
//                //密码模式
//                .withClient("client_2")
//                .resourceIds(RESOURCE_LBS+","+RESOURCE_COUNT)
//                .authorizedGrantTypes("password", "refresh_token")
//                .scopes("select")
//                .authorities("oauth2")
//                .secret(finalSecret);
//    }
//
//    /**
//     * 认证服务端点配置
//     */
//    @Override
//    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
//        endpoints
//                //用户管理
//                .userDetailsService(userDetailsService)
//                //token存到redis
//                .tokenStore(new RedisTokenStore(redisConnectionFactory))
//                //启用oauth2管理
//                .authenticationManager(authenticationManager)
//                //接收GET和POST
//                .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);
//    }
//
//    @Override
//    public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
//        oauthServer.allowFormAuthenticationForClients();
//    }
}

